From 83ef6d773dc6d21f9721588d1144bedf8af1a259 Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Sun, 27 Nov 2022 14:14:00 +0100 Subject: [PATCH 1/8] Make it clear that we don't delete users --- core/admin/mailu/manage.py | 12 ------------ core/admin/mailu/ui/templates/user/list.html | 1 - core/admin/mailu/ui/views/users.py | 13 ------------- docs/cli.rst | 8 -------- docs/webadministration.rst | 2 -- 5 files changed, 36 deletions(-) diff --git a/core/admin/mailu/manage.py b/core/admin/mailu/manage.py index 32619fe3..68f3fcea 100644 --- a/core/admin/mailu/manage.py +++ b/core/admin/mailu/manage.py @@ -400,18 +400,6 @@ def config_export(full=False, secrets=False, color=False, dns=False, output=None finally: os.umask(old_umask) - -@mailu.command() -@click.argument('email') -@with_appcontext -def user_delete(email): - """delete user""" - user = models.User.query.get(email) - if user: - db.session.delete(user) - db.session.commit() - - @mailu.command() @click.argument('email') @with_appcontext diff --git a/core/admin/mailu/ui/templates/user/list.html b/core/admin/mailu/ui/templates/user/list.html index 1c845062..f5215dc0 100644 --- a/core/admin/mailu/ui/templates/user/list.html +++ b/core/admin/mailu/ui/templates/user/list.html @@ -31,7 +31,6 @@   -   diff --git a/core/admin/mailu/ui/views/users.py b/core/admin/mailu/ui/views/users.py index c7d252a9..7f7e0ab3 100644 --- a/core/admin/mailu/ui/views/users.py +++ b/core/admin/mailu/ui/views/users.py @@ -80,19 +80,6 @@ def user_edit(user_email): domain=user.domain, max_quota_bytes=max_quota_bytes) -@ui.route('/user/delete/', methods=['GET', 'POST']) -@access.domain_admin(models.User, 'user_email') -@access.confirmation_required("delete {user_email}") -def user_delete(user_email): - user = models.User.query.get(user_email) or flask.abort(404) - domain = user.domain - models.db.session.delete(user) - models.db.session.commit() - flask.flash('User %s deleted' % user) - return flask.redirect( - flask.url_for('.user_list', domain_name=domain.name)) - - @ui.route('/user/settings', methods=['GET', 'POST'], defaults={'user_email': None}) @ui.route('/user/usersettings/', methods=['GET', 'POST']) @access.owner(models.User, 'user_email') diff --git a/docs/cli.rst b/docs/cli.rst index 36815fd0..5bed6707 100644 --- a/docs/cli.rst +++ b/docs/cli.rst @@ -9,7 +9,6 @@ Managing users and aliases can be done from CLI using commands: * password * user * user-import -* user-delete * config-update * config-export * config-import @@ -63,13 +62,6 @@ primary difference with simple `user` command is that password is being imported docker-compose run --rm admin flask mailu user-import myuser example.net '$6$51ebe0cb9f1dab48effa2a0ad8660cb489b445936b9ffd812a0b8f46bca66dd549fea530ce' 'SHA512-CRYPT' -user-delete ------------ - -.. code-block:: bash - - docker-compose exec admin flask mailu user-delete foo@example.net - config-update ------------- diff --git a/docs/webadministration.rst b/docs/webadministration.rst index 7e2a5728..5409a3dd 100644 --- a/docs/webadministration.rst +++ b/docs/webadministration.rst @@ -313,8 +313,6 @@ This page is also accessible for domain managers. On the users page new users ca * Edit. For all available options see :ref:`the Add user page `. -* Delete. Deletes the user. The Admin GUI will ask for confirmation if the user must be really deleted. - * Setting. Access the settings page of the user. See :ref:`the settings page ` for more information. * Auto-reply. Access the auto-reply page of the user. See the :ref:`auto-reply page ` for more information. From e43f6524eab297bdf8c5a359e25ec612b7166c43 Mon Sep 17 00:00:00 2001 From: Florent Daigniere Date: Wed, 25 Jan 2023 10:56:55 +0100 Subject: [PATCH 2/8] towncrier --- towncrier/newsfragments/2566.misc | 1 + 1 file changed, 1 insertion(+) create mode 100644 towncrier/newsfragments/2566.misc diff --git a/towncrier/newsfragments/2566.misc b/towncrier/newsfragments/2566.misc new file mode 100644 index 00000000..a908aaac --- /dev/null +++ b/towncrier/newsfragments/2566.misc @@ -0,0 +1 @@ +Remove the ability to delete users; Disable them instead. From 30efdf557f071d5421d2ab698d052ce774016f07 Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Fri, 27 Jan 2023 10:28:27 +0100 Subject: [PATCH 3/8] Re-enable cli action user_delete with "disable" as default --- core/admin/mailu/manage.py | 23 +++++++++++++++++++---- docs/cli.rst | 14 ++++++++++++++ 2 files changed, 33 insertions(+), 4 deletions(-) diff --git a/core/admin/mailu/manage.py b/core/admin/mailu/manage.py index 68f3fcea..869f8348 100644 --- a/core/admin/mailu/manage.py +++ b/core/admin/mailu/manage.py @@ -304,6 +304,7 @@ def config_update(verbose=False, delete_objects=False): if verbose: print(f'Deleting domain: {domain.name}') db.session.delete(domain) + db.session.commit() @@ -351,7 +352,7 @@ def config_import(verbose=0, secrets=False, debug=False, quiet=False, color=Fals raise click.ClickException(msg) from exc raise - # don't commit when running dry + # do not commit when running dry if dry_run: log.changes('Dry run. Not committing changes.') db.session.rollback() @@ -400,15 +401,29 @@ def config_export(full=False, secrets=False, color=False, dns=False, output=None finally: os.umask(old_umask) + +@mailu.command() +@click.argument('email') +@click.option('-r', '--really', is_flag=True) +@with_appcontext +def user_delete(email, really=False): + """disable or delete user""" + if user := models.User.query.get(email): + if really: + db.session.delete(user) + else: + user.enabled = False + db.session.commit() + + @mailu.command() @click.argument('email') @with_appcontext def alias_delete(email): """delete alias""" - alias = models.Alias.query.get(email) - if alias: + if alias := models.Alias.query.get(email): db.session.delete(alias) - db.session.commit() + db.session.commit() @mailu.command() diff --git a/docs/cli.rst b/docs/cli.rst index 5bed6707..01f3a17f 100644 --- a/docs/cli.rst +++ b/docs/cli.rst @@ -9,6 +9,7 @@ Managing users and aliases can be done from CLI using commands: * password * user * user-import +* user-delete * config-update * config-export * config-import @@ -62,6 +63,19 @@ primary difference with simple `user` command is that password is being imported docker-compose run --rm admin flask mailu user-import myuser example.net '$6$51ebe0cb9f1dab48effa2a0ad8660cb489b445936b9ffd812a0b8f46bca66dd549fea530ce' 'SHA512-CRYPT' + +user-delete +----------- + +Although the action is called "user-delete" the user is only deactivated by default. +This is due to the fact mailu does not remove user-data (emails and webmail contacts) when a user is deleted. +Add the flag `-r` to really delete the user after you have deleted user-data manually. + +.. code-block:: bash + + docker-compose exec admin flask mailu user-delete foo@example.net + + config-update ------------- From dd80fde8411acecec2d470e9cce6fa533401f1fa Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Fri, 27 Jan 2023 13:55:10 +0100 Subject: [PATCH 4/8] Add script to purge disabled users. --- scripts/purge_user.sh | 79 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100755 scripts/purge_user.sh diff --git a/scripts/purge_user.sh b/scripts/purge_user.sh new file mode 100755 index 00000000..79e33be1 --- /dev/null +++ b/scripts/purge_user.sh @@ -0,0 +1,79 @@ +#!/bin/bash + +# get id of running admin container +admin="$(docker compose ps admin --format=json | jq -r '.[].ID')" +if [[ -z "${admin}" ]]; then + echo "Sorry, can't find running mailu admin container." + echo "You need to start this in the path containing your docker-compose.yml." + exit 1 +fi + +# get storage path +storage="$( + docker inspect "${admin}" \ + | jq -r '.[].Mounts[] | select(.Destination == "/data") | .Source' +)/.." +storage="$(realpath "${storage}")" +if [[ ! -d "${storage}" ]]; then + echo "Sorry, can't find mailu storage path." + exit 2 +fi + +# fetch list of users from admin +declare -A users=() +while read line; do + users[${line#* }]="${line/ *}" +done < <( + docker compose exec -T admin \ + flask mailu config-export -j user.email user.enabled \ + 2>/dev/null | jq -r '.user[] | "\(.enabled) \(.email)"' +) +if [[ ${#users[@]} -eq 0 ]]; then + echo "mailu config-export returned no users. Aborted." + exit 3 +fi + +# diff list of users <> storage +unknown=false +disabled=false +for maildir in "${storage}"/mail/*; do + [[ -d "${maildir}" ]] || continue + email="${maildir/*\/}" + enabled="${users[${email}]:-}" + if [[ -z "${enabled}" ]]; then + unknown=true + users[${email}]="unknown" + elif ${enabled}; then + unset users[${email}] + else + disabled=true + users[${email}]="disabled" + fi +done + +# output actions +if [[ ${#users[@]} -eq 0 ]]; then + echo "Nothing to be done." + exit 0 +fi +if ${unknown}; then + echo "# To delete maildirs unknown to mailu, run:" + for email in "${!users[@]}"; do + [[ "${users[${email}]}" == "unknown" ]] || continue + echo "rm -rf '${storage}/mail/${email}'" + done + echo +fi +if ${disabled}; then + webmail=true; docker compose ps webmail &>/dev/null || webmail=false + echo "# To purge disabled users, run:" + for email in "${!users[@]}"; do + [[ "${users[${email}]}" == "disabled" ]] || continue + echo -n "docker compose exec -T admin flask mailu user-delete -r '${email}' && rm -rf '${storage}/mail/${email}'" + ${webmail} && \ + echo -n " && docker compose exec -T webmail su mailu -c \"/var/www/roundcube/bin/deluser.sh --host=front '${email}'\"" + echo + done + echo +fi + From fdb819852e9296852ff17837dbdd6697e0138ff1 Mon Sep 17 00:00:00 2001 From: Alexander Graf Date: Thu, 2 Feb 2023 17:09:33 +0100 Subject: [PATCH 5/8] Improve purge script --- scripts/purge_user.sh | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/scripts/purge_user.sh b/scripts/purge_user.sh index 79e33be1..07d4a354 100755 --- a/scripts/purge_user.sh +++ b/scripts/purge_user.sh @@ -51,21 +51,28 @@ for maildir in "${storage}"/mail/*; do fi done -# output actions if [[ ${#users[@]} -eq 0 ]]; then - echo "Nothing to be done." + echo "Nothing to clean up." exit 0 fi + +# is roundcube webmail in use? +webmail=false +docker compose exec webmail test -e /data/roundcube.db 2>/dev/null && webmail=true + +# output actions if ${unknown}; then echo "# To delete maildirs unknown to mailu, run:" for email in "${!users[@]}"; do [[ "${users[${email}]}" == "unknown" ]] || continue - echo "rm -rf '${storage}/mail/${email}'" + echo -n "rm -rf '${storage}/mail/${email}'" + ${webmail} && \ + echo -n " && docker compose exec -T webmail su mailu -c \"/var/www/roundcube/bin/deluser.sh --host=front '${email}'\"" + echo done echo fi if ${disabled}; then - webmail=true; docker compose ps webmail &>/dev/null || webmail=false echo "# To purge disabled users, run:" for email in "${!users[@]}"; do [[ "${users[${email}]}" == "disabled" ]] || continue @@ -76,4 +83,3 @@ if ${disabled}; then done echo fi - From 9dffa11f0f92e594f892ff1742c7e2cfaf04f92c Mon Sep 17 00:00:00 2001 From: Dimitri Huisman Date: Tue, 14 Feb 2023 10:00:55 +0000 Subject: [PATCH 6/8] Update documentation on how to delete disabled users --- docs/faq.rst | 86 ++++++++++++++++++++++++++++---------- docs/webadministration.rst | 12 +++--- 2 files changed, 70 insertions(+), 28 deletions(-) diff --git a/docs/faq.rst b/docs/faq.rst index bd0f4d17..dbbc4eb6 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -24,7 +24,7 @@ advice in the `Technical issues`_ section of this page. I think I found a bug! `````````````````````` -If you did not manage to solve the issue using this FAQ and there are not any +If you did not manage to solve the issue using this FAQ and there are not any `open issues`_ describing the same problem, you can open a `new issue`_ on GitHub. @@ -64,7 +64,7 @@ We currently maintain a strict work flow: #. We use Github actions for some very basic building and testing; #. The pull request needs to be code-reviewed and tested by at least two members from the contributors team. - + Please consider that this project is mostly developed in people their free time. We thank you for your understanding and patience. @@ -152,7 +152,7 @@ Lets start with quoting everything that's wrong: It was added later and, while it has come a long way, is still not as usable as one would want. Much discussion is still going on as to how IPv6 should be used in a containerized world; See the various GitHub issues linked below: - + - Giving each container a publicly routable address means all ports (even unexposed / unpublished ports) are suddenly reachable by everyone, if no additional filtering is done (`docker/docker#21614 `_) @@ -163,14 +163,14 @@ Lets start with quoting everything that's wrong: (which, for now, is enabled by default in Docker) - The userland proxy, however, seems to be on its way out (`docker/docker#14856 `_) and has various issues, like: - + - It can use a lot of RAM (`docker/docker#11185 `_) - - Source IP addresses are rewritten, making it completely unusable for many purposes, e.g. mail servers + - Source IP addresses are rewritten, making it completely unusable for many purposes, e.g. mail servers (`docker/docker#17666 `_), (`docker/libnetwork#1099 `_). - + -- `Robbert Klarenbeek `_ (docker-ipv6nat author) - + Okay, but I still want to use IPv6! Can I just use the installers IPv6 checkbox? **NO, YOU SHOULD NOT DO THAT!** Why you ask? Mailu has its own trusted IPv4 network, every container inside this network can use e.g. the SMTP container without further authentication. If you enabled IPv6 inside the setup assistant (and fixed the ports to also be exposed on IPv6) Docker will @@ -223,7 +223,7 @@ For **service** HA, please see: `How does Mailu scale up?`_ *Issue reference:* `177`_, `591`_. -.. _`spam magnet`: https://web.archive.org/web/20130131032707/https://blog.zensoftware.co.uk/2012/07/02/why-we-tend-to-recommend-not-having-a-secondary-mx-these-days/ +.. _`spam magnet`: https://web.archive.org/web/20130131032707/https://blog.zensoftware.co.uk/2012/07/02/why-we-tend-to-recommend-not-having-a-secondary-mx-these-days/ Does Mailu run on Rancher? `````````````````````````` @@ -292,7 +292,7 @@ I want to integrate Nextcloud 15 (and newer) with Mailu ), ), ), - + If a domain name (e.g. example.com) is specified, then this makes sure that only users from this domain will be allowed to login. After successfull login the domain part will be stripped and the rest used as username in Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. Disable this behaviour by changing true (the fifth parameter) to false. @@ -346,7 +346,7 @@ How do I use webdav (radicale)? | | Subsequently to use webdav (radicale), you can configure your carddav/caldav client to use the following url: | `https://mail.example.com/webdav/user@example.com` -| As username you must provide the complete email address (user@example.com). +| As username you must provide the complete email address (user@example.com). | As password you must provide the password of the email address. | The user must be an existing Mailu user. @@ -401,6 +401,46 @@ Technical issues In this section we are trying to cover the most common problems our users are having. If your issue is not listed here, please consult issues with the `troubleshooting tag`_. +.. _delete_users: + +How to delete users? +```````````````````` + +From the web administration interface, when a user is deleted, the user is only disabled. When a user is not enabled, this user: + +* cannot send/receive email +* cannot access Mailu (admin/webmail) +* cannot access the email box via pop3/imap + +It is not possible to delete users via the Mailu web administration interface. The main reason is to prevent email address reusage. If a user was deleted, it can be recreated and used by someone else. It is not clear that the email address has been used by someone else previously. This new user might receive emails which were meant to be received by the previous user. Disabling the user, prevents the email address to be reused by mistake. + +Another reason is that extra post-deletion steps are required after a user has been deleted from the Mailu database. Those additional steps are: + +* Delete the dovecot mailbox. If this does not happen, a new user with the same email address reuses the previous user's mailbox. +* Delete the user from the roundcube database (not required when SnappyMail is used). If this does not happen, a new user with the same email address reuses the previous roundcube data (such as address lists, gpg keys etc). + +For safely deleting the user data (and possible the user as well) a script has been introduced. The scripts provides the following information + +* commands for deleting mailboxes of unknown users. These users were deleted from Mailu, but still have their mailbox data on the file system. +* commands for deleting mailboxes and roundcube data for disabled users. +* commands for deleting users from the Mailu database. + +Proceed as following for deleting an user: + +1. Disable the to-be-deleted user. This can be done via the Web Administration interface (/admin), the Mailu CLI command user-delete, or the RESTful API. Do **not** delete the user. +2. Download .\\scripts\\purge_user.sh from the `github project`_. Or clone the Mailu github project. +3. Copy the script purge_user.sh to the Mailu folder that contains the `docker-compose.yml` file. +4. Run as root: purge_user.sh +5. The script will output the commands that can be used for fully purging each disabled user. It will show the instruction for deleting the user from the + + * Dovecot maildir from filesystem (all email data) + * Roundcube database (all data saved in roundcube) + * Mailu database. + +6. Run the commands for deleting all user data for each disabled user. + +.. _`github project`: https://github.com/Mailu/Mailu/ + Changes in .env don't propagate ``````````````````````````````` @@ -545,14 +585,14 @@ inside a container. The ``front`` container does use authentication rate limitin down brute force attacks. The same applies to login attempts via the single sign on page. We *do* provide a possibility to export the logs from the ``front`` service and ``Admin`` service to the host. -The ``front`` container logs failed logon attempts on SMTP, IMAP and POP3. +The ``front`` container logs failed logon attempts on SMTP, IMAP and POP3. The ``Admin``container logs failed logon attempt on the single sign on page. For this you need to set ``LOG_DRIVER=journald`` or ``syslog``, depending on the log manager of the host. You will need to setup the proper Regex in the Fail2Ban configuration. -Below an example how to do so. +Below an example how to do so. If you use a reverse proxy in front of Mailu, it is vital to set the environment variables REAL_IP_HEADER and REAL_IP_FROM. -Without these environment variables, Mailu will not trust the remote client IP passed on by the reverse proxy and as a result your reverse proxy will be banned. +Without these environment variables, Mailu will not trust the remote client IP passed on by the reverse proxy and as a result your reverse proxy will be banned. See the :ref:`[configuration reference ` for more information. @@ -596,7 +636,7 @@ The above will block flagged IPs for a week, you can of course change it to you 4. In the mailu docker-compose set the logging driver of the Admin container to journald; and set the tag to mailu-admin .. code-block:: bash - + logging: driver: journald options: @@ -628,25 +668,25 @@ The above will block flagged IPs for a week, you can of course change it to you The above will block flagged IPs for a week, you can of course change it to you needs. 7. Add the /etc/fail2ban/action.d/docker-action.conf - + Option 1: Use plain iptables .. code-block:: bash [Definition] - + actionstart = iptables -N f2b-bad-auth iptables -A f2b-bad-auth -j RETURN iptables -I DOCKER-USER -j f2b-bad-auth - + actionstop = iptables -D DOCKER-USER -j f2b-bad-auth iptables -F f2b-bad-auth iptables -X f2b-bad-auth - + actioncheck = iptables -n -L DOCKER-USER | grep -q 'f2b-bad-auth[ \t]' - + actionban = iptables -I f2b-bad-auth 1 -s -j DROP - + actionunban = iptables -D f2b-bad-auth -s -j DROP Using DOCKER-USER chain ensures that the blocked IPs are processed in the correct order with Docker. See more in: https://docs.docker.com/network/iptables/ @@ -657,7 +697,7 @@ IMPORTANT: You have to install ipset on the host system, eg. `apt-get install ip See ipset homepage for details on ipset, https://ipset.netfilter.org/. ipset and iptables provide one big advantage over just using iptables: This setup reduces the overall iptable rules. -There is just one rule for the bad authentications and the IPs are within the ipset. +There is just one rule for the bad authentications and the IPs are within the ipset. Specially in larger setups with a high amount of brute force attacks this comes in handy. Using iptables with ipset might reduce the system load in such attacks significantly. @@ -727,7 +767,7 @@ In any case, using a dedicated DNS server will improve the performance of your m Can I learn ham/spam messages from an already existing mailbox? ``````````````````````````````````````````````````````````````` -Mailu supports automatic spam learning for messages moved to the Junk mailbox. Any email moved from the Junk Folder will learnt as ham. +Mailu supports automatic spam learning for messages moved to the Junk mailbox. Any email moved from the Junk Folder will learnt as ham. If you already have an existing mailbox and want Mailu to learn them all as ham messages, you might run rspamc from within the dovecot container: @@ -736,7 +776,7 @@ If you already have an existing mailbox and want Mailu to learn them all as ham rspamc -h antispam:11334 -P mailu -f 13 fuzzy_add /mail/user\@example.com/.Ham_Learn/cur/ rspamc -h antispam:11334 -P mailu learn_ham /mail/user\@example.com/.Ham_Learn/cur/ -This should learn every file located in the ``Ham_Learn`` folder from user@example.com +This should learn every file located in the ``Ham_Learn`` folder from user@example.com Likewise, to lean all messages within the folder ``Spam_Learn`` as spam messages : diff --git a/docs/webadministration.rst b/docs/webadministration.rst index 5409a3dd..04e50743 100644 --- a/docs/webadministration.rst +++ b/docs/webadministration.rst @@ -45,11 +45,11 @@ It offers the following configuration options: Access the web administration interface --------------------------------------- -The admin GUI is by default accessed via the URL `https:///admin`, when it's enabled in the setup utility +The admin GUI is by default accessed via the URL `https:///admin`, when it's enabled in the setup utility or by manually setting `ADMIN=true` in `mailu.env`. To login the admin GUI enter the email address and password of an user. -Only global administrator users have access to all configuration settings and the Rspamd webgui. Other users will be +Only global administrator users have access to all configuration settings and the Rspamd webgui. Other users will be presented with settings for only their account, and domains they are managers of. To create a user who is a global administrator for a new installation, the Mailu.env file can be adapted. For more information see the section 'Admin account - automatic creation' in :ref:`the configuration reference `. @@ -313,7 +313,9 @@ This page is also accessible for domain managers. On the users page new users ca * Edit. For all available options see :ref:`the Add user page `. -* Setting. Access the settings page of the user. See :ref:`the settings page ` for more information. +* Delete. Disables the user. For more information on permanently deleting users, refer to the :ref:`How to delete users page`. + +* Settings. Access the settings page of the user. See :ref:`the settings page ` for more information. * Auto-reply. Access the auto-reply page of the user. See the :ref:`auto-reply page ` for more information. @@ -327,13 +329,13 @@ This page also shows an overview of the following settings of an user: * Storage quota. Shows how much assigned storage has been consumed. -* Sending Quota. The sending quota is the limit of messages a single user can send per day. +* Sending Quota. The sending quota is the limit of messages a single user can send per day. * Comment. A description for the user. * Created. Date when the user was created. -* Last edit. Last date when the user was modified. +* Last edit. Last date when the user was modified. .. _webadministration_add_user: From da4934847f4a0f8d3bca43855569ae80751c8883 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman <52963853+Diman0@users.noreply.github.com> Date: Fri, 17 Mar 2023 11:52:46 +0100 Subject: [PATCH 7/8] Fix typo and wording in faq.rst --- docs/faq.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/faq.rst b/docs/faq.rst index 30d79c54..c7d9e3dc 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -404,7 +404,7 @@ From the web administration interface, when a user is deleted, the user is only * cannot access Mailu (admin/webmail) * cannot access the email box via pop3/imap -It is not possible to delete users via the Mailu web administration interface. The main reason is to prevent email address reusage. If a user was deleted, it can be recreated and used by someone else. It is not clear that the email address has been used by someone else previously. This new user might receive emails which were meant to be received by the previous user. Disabling the user, prevents the email address to be reused by mistake. +It is not possible to delete users via the Mailu web administration interface. The main reason is to prevent email address reuse. If a user was deleted, it can be recreated and used by someone else. It is not clear that the email address has been used by someone else previously. This new user might receive emails which were meant for the previous user. Disabling the user, prevents the email address to be reused by mistake. Another reason is that extra post-deletion steps are required after a user has been deleted from the Mailu database. Those additional steps are: From c6c280519607660413cafff69ec40e2dc8b98f37 Mon Sep 17 00:00:00 2001 From: Dimitri Huisman <52963853+Diman0@users.noreply.github.com> Date: Fri, 17 Mar 2023 12:54:18 +0100 Subject: [PATCH 8/8] Update changelog with extra info. --- towncrier/newsfragments/2566.misc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/towncrier/newsfragments/2566.misc b/towncrier/newsfragments/2566.misc index a908aaac..8a682118 100644 --- a/towncrier/newsfragments/2566.misc +++ b/towncrier/newsfragments/2566.misc @@ -1 +1,2 @@ -Remove the ability to delete users; Disable them instead. +Remove the ability to delete users via the webui; Disable them instead. +For more information on deleting users see the entry "How to delete users" in the FAQ.